If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below. ** If you are logged in, most ads will not be displayed. **

mysql and php problem

does mysqld option '--secure-file-priv=' is implemented at all? it says so in manual, but when i set it to like /something, users are able to load_file from anywhere in the system anyways

i use mysql 5.0.51a-3 on linux (debian)

i just added it to /etc/init.d/mysql in mysql_safe line, like --secure-file-priv=/some/notexisting/dir, and i restarted mysql.

in memory i see (ps auxw|grep mysql) that it is used, but i'm still able load any file with apache permissions. (bypassing php safe mode), so i REALLY need to turn off this function. but no idea how...

or maybe do you know any tool that automatically blocks suspicious php scripts, like php shells.